Search form

Search

State-Sponsored Malware

State-Sponsored Malware

Malware, short for “malicious software,” is software that is used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. The vast majority of malware is criminal, aimed at obtaining banking information or login credentials for email or social media accounts. But malware is also used by state actors. State intelligence agencies use malware to carry out covert actions against other states’ computer systems, such as Flame and Stuxnet. States and state-supporting actors also use malware to spy on activists, journalists, and dissidents.

Since March 2012, EFF has been collecting and analyzing malware deployed by pro-Syrian-government hackers that targets supporters of the Syrian opposition, covertly installs surveillance tools on their computers, and collects keystrokes, passwords, and screenshots. Our analysis has identified two distinct groups that have carried out prolonged phishing and malware campaigns using cheap or free Remote Access Tools, such as Black Shades Remote Controller and Dark Comet RAT. To date, EFF has reported on more than a dozen distinct attacks, which we have translated into Arabic in order to alert the Syrian community.

Eva Galperin, security expert from the Electronic Frontier Foundation, was recently targeted by similar malware, along with an Associated Press journalist and a Vietnamese pro-democracy blogger. She is convinced the Trojan sent to her via email, purporting to come from charity Oxfam, actually came from Vietnamese government hackers.

In the Ethiopian community, bloggers, journalists, and activists are all targets of increasing levels of surveillance and intimidation. The Ethiopian government has used its monopoly on telecommunications to restrict its citizens rights to privacy and freedom of expression. The websites of opposition parties, independent media sites, blogs, and several international...

Yet Ethiopia is just one among many nations deploying such technology, says Eva Galperin, a global policy analyst at the Electronic Frontier Foundation, a digital rights organization in San Francisco.
“It’s important to understand that Hacking Team and FinFisher are not the only players in this game,” Ms. Galperin says...

Rumors of the extent of Ethiopia’s digital surveillance and censorship state have echoed around the information security community for years. Journalists such as Eskinder Nega have spoken of being shown text messages, printouts of emails, and recordings of their own telephone conversations by the Ethiopian security services. From within...

The NSA has seen the future of mass surveillance, and it appears they believe that the future lies in malware. Earlier this week, The Intercept reported on a series of slides and memos leaked by Edward Snowden describing the NSA's "more aggressive" approach to signals intelligence, which circumvents encryption...